Hi Jim.
you can notice
<sslContext>
<sslContext keyStore="file:${activemq.base}/conf/broker.ks"
keyStorePassword="password"
trustStore="file:${activemq.base}/conf/broker.ts"
trustStorePassword="password"/>
</sslContext>
in activemq-demo.xml which is used to configure locations and passwords for
key and trust stores.
Cheers
--
Dejan Bosanac - http://twitter.com/dejanb
Open Source Integration - http://fusesource.com/
ActiveMQ in Action - http://www.manning.com/snyder/
Blog - http://www.nighttale.net
On Sun, May 2, 2010 at 11:26 PM, Jim Lloyd <jll...@silvertailsystems.com>wrote:
> We have a relative simple topology where there are a few machines
> configured
> as network of brokers. Each machine has one broker, and then one or more
> activemq client applications. Each client only connects to the broker on
> local host. Every broker statically connects to every other broker.
>
> We have a requirement that all traffic on the wire be encrypted, so we are
> using SSL for the network connectors between brokers. The local traffic
> between the clients and the localhost broker uses plaintext openwire, i.e.
> a
> tcp transport.
>
> The relative section from the .conf file looks something like this:
>
> <networkConnectors>
> <networkConnector name="superman-to-batman"
> uri="static:(ssl://batman:24001)"/>
> <networkConnector name="superman-to-flash"
> uri="static:(ssl://flash:24001)"/>
> </networkConnectors>
>
> <transportConnectors>
> <transportConnector name="open" uri="tcp://127.0.0.1:24002" />
> <transportConnector name="ssl" uri="ssl://0.0.0.0:24001" />
> </transportConnectors>
>
> For testing purposes we have been using the demo broker.ks, broker.ts,
> client,ks, client.ts files that ship with activemq. We now want to generate
> our own files. I've read
> how-do-i-use-ssl<http://activemq.apache.org/how-do-i-use-ssl.html> but
> there is something mysterious to me that I want to understand.
>
> I see in activemq-demo.xml where the broker.ks and broker.ts files are
> configured, but I don't see where client.ks and client.ts are configured.
> These files are referenced in
> how-do-i-use-ssl<http://activemq.apache.org/how-do-i-use-ssl.html>,
> where it says:
>
> When starting the client's VM, specify the following system properties:
>
> javax.net.ssl.keyStore=/path/to/client.ks
> javax.net.ssl.keyStorePassword=password
> javax.net.ssl.trustStore=/path/to/client.ts
>
>
> However, we never did this to our configuration, and I can't find where it
> might have been done for us in the default configuration.
>
> So, all this boils down to the simple question: how does activemq-demo.xml
> work? Where is client.ks and client.ts configured for this demo?
>
> Thanks,
> Jim Lloyd
>
